Building Cyber Defenses For Smart Plants

In recent months, ransomware cyber-attacks affected around 300,000 machines across multiple industries in 150 countries. Among the victims were some major organizations in the oil and gas, rail, telecom, and automotive sectors. The attacks led to operational downtime, logistic failures, and production cycle disruption. While Manufacturing 4.0 enables smart plants to create profitable avenues utilizing software, left unprotected this software becomes a liability. A cyber breach opens enterprises to vulnerabilities that leads to theft of intellectual property (IP) and proprietary data, product manipulation, physical damage, and financial losses. Cybersecurity risk has the potential to ruin an organization’s reputation in just a day. Despite the concerns that even Homeland Security has highlighted, the manufacturing sector is increasingly embracing the Industrial Internet of Things (IIoT). Projected to generate $195.47 billion by 2022, IIoT has become central to connecting cyber-physical systems such as supervisory control and data acquisition (SCADA), microcontrollers, programmable logic controllers (PLC), embedded systems, smart devices, and industrial computers to the Cloud. But considering the risks it entails, many companies have increased their information security budgets by 24 percent within the last year.

Outsmarting Security Threats

Enterprises can address security challenges on their factory floors and protect their industrial control systems (ICS) from cyber-attacks by implementing a holistic security plan. Machines, networks, and plant systems conforming to international standards, such as IEC 62443 are near-immune to cyber-threats in an industrial automation environment. Additionally, engaging all employees and training them to detect any digital abnormality can help thwart attacks before they spread across the entire network. A proactive threat mitigation plan goes beyond enterprise boundaries and involves cyber legal counsel, insurance, digital forensic experts, and government agencies. For instance, the European Union Agency for Network and Information Security (ENISA) mandates ICT security certification for all IoT products and services to help secure industrial automation control systems (IACS) and connected cars, among other products. Government undertakings that promote compliance and open communication channels reduce losses and build a more secure global network. In Connecticut, for example, governing officials have introduced a state-wide cybersecurity strategy education program to inform enterprises about how to holistically secure their IT premises in smart plants or their corporate outfits. Meanwhile, in the EU, an upcoming Network and Information Systems (NIS) Directive will penalize operators unable to guard against cyber-attacks that lead to large-scale disasters, with a fine of four percent of their global turnover or £17 million (nearly $23 million), whichever is higher.

Taking Security Up a Notch

There is no arguing that smart plants have to build strong cyber defenses to curtail disasters and contain malware proliferation in their systems. Authentication-based firewalls, micro-segmentation, secure sockets layer (SSL) visibility, encryption, and network access control are commonly available security options. But, multiple defense layers with one way ‘streets’ and access restrictions are more advanced and make systems nearly impossible to penetrate. The key is to apply controls at the device level rather than centrally, making it a hacker’s nightmare. Then again, while the device-central model can manage security in emerging smart factories where select processes are IoT-enabled, it might not work as well for ICS in fully connected smart plants. For instance, deploying role-based security controls in the software-defined network (SDN) for different access layers will be tedious if device-level rights are imposed. Embedding security protocols in SDN and using a “no touch” design to network changes represent the next level. Software-defined security using abstraction of the control plane from the data plane will enable real-time and targeted security with multi-channel support and data-focused system of testing network configuration changes.

Focusing on Vigilance and Resilience

As hackers primarily target critical tasks in the ICS, like chemical refining and production, power distribution and generation, and automated assembly lines, constant vigilance of IoT devices is vital. Manufacturers of such devices will need to incorporate security protocols in their software using secure codes and libraries. Additionally, machine learning and security analytics leveraging artificial intelligence (AI) will help generate robust threat intelligence, allowing devices to not only respond to threats in real-time, but also prevent intrusions on detection. Even though new technologies promise to provide higher levels of data protection to smart plants, operators must continue to keep their finger on the pulse of the evolving threat landscape. Hackers have always found ways to up their game and until last year, the ICS of manufacturing facilities reported two to five attacks, causing annual cumulative financial losses of over $300,000 on average. Therefore, there remains a need for smart plants to constantly upgrade their security posture and show readiness to remediate threats after the incident, evaluate the impact, analyze and learn from the cause, and finally return to normal operations.